[arch-dev-public] [objectives] Package triage on current + extra (archstats)
dpmcgee at gmail.com
Mon May 7 15:18:19 EDT 2007
On 5/7/07, Roman Kyrylych <roman.kyrylych at gmail.com> wrote:
> 2007/5/7, Dan McGee <dpmcgee at gmail.com>:
> > On 5/7/07, Jürgen Hötzel <juergen at hoetzel.info> wrote:
> > > There is no solution, if users are anonymous. A simple workaround/hack:
> > >
> > > Prevent connects from the same IP (for a limited time period).
> > >
> > > This could limit the possibility to flood the database with multiple
> > > machine entries from one user.
> > I thought about this solution as well, but I realized it does carry
> > with it a rather large negative. If a user has 4 Arch boxes behind a
> > router with NAT, and they all run archstats as a cronjob at the same
> > time, we would be excluding all but 1 of his boxes from updates.
> > How essential is user anonymity on submission? Would users feel
> > comfortable registering (which is a hurdle I think we should try to
> > avoid) if their anonymous state was still preserved in any data
> > presented to the user?
> Also, users connected to large ISPs have dynamic IPs (at least this is
> common case in Eastern Europe).
That isn't the problem here Roman- that will work just fine. We aren't
planning on doing a one-to-one pairing of users with IP addresses. He
only proposed that we limit the connections from one IP address to one
update an hour, for example, to prevent mass floods of the database.
More information about the arch-dev-public